Application* 10/574,808 
Docket # P08887US00/RFH 



CLAIMS LISTING 



Responsive to Office 
Action of 05/04/2009 



ATTACHMENT - CLAIMS LISTING 

This listing of claims will replace all prior versions, and listings, of claims in the 
application. 

1 . (Currently Amended) A method for carrying out an authentication process for 
authenticating a transaction by any one of a plurality of users with an entity by m e ans of 
comprising the steps of: 

providing a data processing apparatus, in whichfjhe entity generates transaction 
data relating to the transaction, and at least during the authentication process the data 
processing apparatus has operatively associated there with i^a selected one of a 
plurality of authentication storage means respective to the users each for storing 
predetermined authentication information, the authentication storage means being 
registerable with a common telecommunications system for which the users have 
respective telecommunications terminals , the m e thod i nc l ud i ng th e st e p of 

carrying out the authentication process via a communications link with that-the 
telecommunications system, the authentication process being carried out by 
authenticating means incorporated in the telecommunications system and involving the 
use of the transaction data and the predetermined authentication information stored by 
the selected one authentication storage means and th e transact i on data , the 
predetermined authentication information stored by each authentication storage means 
corresponding to information which is used to authenticate a telecommunications 
terminal of that user in relation to the telecommunications system but the authentication 
process for authenticating the transaction by that user with the data processing 
apparatus not reguiring use of that user's telecommunications terminal, and 

transmitting, wh e r ei n in order to authenticate the transaction, the transaction data Is 
transm i tt e d between the data processing apparatus and the telecommunications system 
via a transaction manager implemented by the data processing apparatus, and also 
transmitting the predetermined authentication information i s a l so transm i tt e d between 
the authentication storage means and the telecommunications system via the 
transaction manager. 
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2. (Currently Amended) A method according to claim 1 , in which the predetermined 
authentication information stored by each authentication storage means corresponds to 
information which is used to authenticate a user of that authentication storage means in 
relation to the telecommunications system. 

3. -4. (Cancelled) 

5. (Currently Amended) A method according to claim 1 , wherein each user is 
authenticated in the telecommunications system by m e ans of th e us e of a smart card or 
subscriber identity module ( e .g. S I M) , and in which the authentication storage means 
respective to that user corresponds to or simulates the smart card for that user. 

6. (Currently Amended) A method according to claim 5, wherein the smart card or SIM 
subscriber identity module authenticates the transaction when the smart card or SIM 
subscriber identity module is operable in a terminal usable in a mobile and/or cellular 
telecommunications system. 

7. (Currently Amended) A method according to claim 6, wherein the smart card or SIM 
subscriber identity module is operable to authenticate the terminal in the mobile and/or 
cellular telecommunications system. 

8. -10. (Cancelled) 

1 1 . (Previously Presented) A method according to claim 1 , in which the authentication 
storage means is incorporated on a data carrier for data or software for use by that data 
processing apparatus. 

12. (Previously Presented) A method according to claim 1 , in which the authentication 
process involves the sending of a message and the generation of a response 
dependent on the message and the predetermined information. 
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13.-16. (Cancelled) 

17. (Previously Presented) A method according to claim 1, including operatively 
coupling the authentication storage means to a carrier. 

18. (Cancelled) 

19. (Previously Presented) A method according to claim 17, wherein the carrier is 
operatively coupled to the data processing apparatus by a wireless link. 

20. (Previously Presented) A method according to claim 17, wherein the authentication 
storage means is removably coupled to the carrier. 

21. (Cancelled) 

22. (Currently Amended) A method according to claim 17, comprising the step of using 
said carrier to obtain user security data independently of the data processing apparatus, 
and analysing the user security data for determining whether to allow access to the 
predetermined information. 

23. (Original) A method according to claim 22, wherein the security data is obtained by 
alphanumeric data entry means. 

24. (Cancelled) 

25. (Currently Amended) A method according to claim 22, wherein the user security 
data comprises a Personal Identification Number (PIN) and the analysing step 
compares the PIN obtained by the security data entry means with a PIN stored on the 
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authentication storage means and only allows access to the predetermined information 
when the respective PINs match. 

26. (Cancelled) 

27. (Previously Presented) A method according to claim 17, wherein communication 
with the data processing apparatus is controlled by a data processing module. 

28. - 29. (Cancelled) 

30. (Previously Presented) A method according to claim 27, wherein the data 
processing module of the carrier decrypts encrypted data received from the data 
processing module of the data processing apparatus. 

31 . (Previously Presented) A method according to claim 27, wherein the data 
processing module of the carrier encrypts data transmitted to the data processing 
module of the data processing apparatus. 

32. (Previously Presented) A method according to claim 30, wherein the respective 
data processing modules comprise a key for allowing encryption and/or decryption of 
data. 

33. (Previously Presented) A method according to claim 32, wherein the key 
comprises a shared secret key for each of the respective data processing modules. 

34. (Previously Presented) A method according to claim 17, wherein the carrier is 
operatively coupled to a plurality of authentication storage means for respectively 
enabling the said authentication process and one or more other authentication 
processes. 
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35. (Cancelled) 

36. (Currently Amended) A method according to claim 1 , including routing 
communications between the authentication storage means and the 
telecommunications system via the transaction manager. 

37. (Previously Presented) A method according to claim 1 , wherein the transaction 
manager is implemented by the data processing apparatus. 

38. (Previously Presented) A method according to claim 1 , wherein the transaction 
manager detects the operative coupling of the authentication storage means. 

39. (Previously Presented) A method according to claim 36, wherein the transaction 
manager transmits data relating to an authenticated transaction to the entity to which 
that transaction relates. 



40.-51. (Cancelled) 

52. (Currently Amended) Data processing apparatus i n comb i nat i on system for 
carrying out an authentication process for authenticating a transaction by any one of a 
plurality of users with an entity, said data processing system comprising: with 
a data processing apparatus, 

a selected one of a plurality of authentication storage means in operative association 
with the data processing apparatus, each said authentication storage means for storing 
predetermined authentication information relating to the carrying out of an-the 
authentication process for auth e nt i cat i ng a transact i on w i th an e nt i ty by m e ans of th e 
data proc e ss i ng apparatus , the entity being operable to generate transaction data 
relating to the transaction, and 

a common telecommunications system which is registerable with the plurality of the 
authentication storage means a ll b e ing r e g i strab le w i th a common syst e m , 
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a communications link with the telecommunications system by which the 
authentication storage means when operatively associated with the data processing 
apparatus betfig-is_operative to carry out the authentication process^4a-a 
commun i cat i ons li nk w i th that syst e m , and 

authenticating means incorporated in the telecommunications system by which the 
authentication process beifig-is_carried out by auth e nt i cat i ng m e ans i ncorporat e d i n th e 
syst e m and i nvo l v i ng which involves the use of the predetermined authentication 
information respective to the user stored by the selected one authentication storage 
means, the predetermined authentication information being stored by each 
authentication storage means corresponding to information which is used to 
authenticate a telecommunications terminal of that user in relation to the 
telecommunications system but the authentication process for authenticating the 
transaction by that user with the data processing apparatus not reguiring use of that 
user's telecommunications terminal, 

wh e r ei n i n ord e r to auth e nt i cat e th e transact i on, th e transact i on data i s transm i tt e d 
b e tw ee n th e data proc e ss i ng apparatus and th e system v i a a transact i on manag e r 
i mp le m e nt e d by th e data proc e ss i ng apparatus, and th e pr e d e t e rm i n e d auth e nt i cat i on 
i nformat i on i s a l so transm i tt e d b e tw ee n the auth e nt i cat i on storag e m e ans and th e 
syst e m v i a th e transact i on manag e r 

the data processing apparatus comprising at least a transaction manager through 
which communications between the data processing apparatus and the 
telecommunications system are transmitted and through which the predetermined 
authentication information is also transmitted between the authentication storage means 
and the telecommunications system, the transaction manager being implemented by the 
data processing apparatus . 

53. (Currently Amended) A data processing system Apparatus according to claim 52, 
in which the predetermined authentication information stored by each authentication 
storage means corresponds to information which is used to authenticate a user of that 
authentications storage means in relation to the system. 
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54. - 55. (Cancelled) 

56. (Currently Amended) A data processing system Apparatus according to claim 53, 
in which each user is authenticated in the telecommunications system by means of the 
use of a smart card or subscriber identity module (e.g. S I M) , and in which the 
authentication storage means respective to that user corresponds to or simulates the 
smart card for that user. 

57. (Currently Amended) A data processing system Apparatus according to claim 56, 
wherein the smartcard or subscriber identity module SJM-is operable in a terminal 
usable in a mobile and/or cellular telecommunication system to authenticate the 
transaction. 

58. (Currently Amended) A data processing system A pparatus according to claim 57, 
wherein the smartcard or subscriber identity module SIM-is operable to authenticate the 
terminal in the mobile and/or cellular telecommunication system. 

59. -60. (Cancelled) 

61 . (Currently Amended) A data processing system Apparatus according to claim 52, 
in which the authentication process involves the sending of a message and the 
generation of a response dependent on the message and the predetermined 
information. 

62. - 65. (Cancelled) 

66. (Currently Amended) A data processing system Apparatus according to claim 52, 
wherein a carrier is provided for the authentication storage means and the 
authentication storage means is operatively couplable to the carrier. 
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67. (Cancelled) 

68. (Currently Amended) A data processing system Apparatus according to claim 66 , 
including means for allowing wireless communication between the carrier and the data 
processing apparatus. 

69. (Currently Amended) A data processing system Apparatus according to claim 66, 
including means for removably coupling the carrier to the authentication storage means. 

70. (Cancelled) 

71 . (Currently Amended) A data processing system Apparatus according to claim 66, 
wherein the carrier includes means for obtaining user security data independently of the 
data processing apparatus and means for analysing the user security data for 
determining whether to allow access to the predetermined information. 

72. (Currently Amended) A data processing system Apparatus according to claim 71 , 
wherein the carrier comprises alphanumeric data entry means for allowing the security 
data to be obtained. 

73. (Cancelled) 

74. (Currently Amended) A data processing system Apparatus according to claim 71 , 
wherein the user security data comprises a personal identification number (PIN) and the 
analysing means is operable to compare the PIN obtained by the security data entry 
means with a PIN stored on the authentication storage means and for only allowing 
access to the predetermined information when the respective PINs match. 

75. (Cancelled) 
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76. (Currently Amended) A data processing system Apparatus according to claim 66, 
wherein the carrier comprises a data processing module for controlling communication 
with the data processing apparatus. 

77. - 78. (Cancelled) 

79. (Currently Amended) A data processing system Apparatus according to claim 76, 
wherein the data processing module of the carrier includes means for decrypting 
encrypted data received from the data processing module of the data processing 
apparatus. 

80. (Currently Amended) A data processing system Apparatus according to claim 76, 
wherein the data processing module of the carrier encrypts data transmitted to the data 
processing module of the data processing apparatus. 

81 . (Currently Amended) A data processing system Apparatus according to claim 79, 
wherein the respective data processing modules comprise a key for allowing encryption 
and/or decryption of data. 

82. (Currently Amended) A data processing system Apparatus according to claim 81 , 
wherein the key comprises a shared secret key for each of the respective data 
processing modules. 

83. (Currently Amended) A data processing system Apparatus according to claim 66, 
wherein the carrier includes means for operatively coupling the carrier to a plurality of 
authentication storage means for respectively enabling the-said authentication process 
and one or more other authentication processes to be performed. 

84. (Cancelled) 
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85. (Currently Amended) A data processing system Apparatus according to claim 52, 
wherein data communications between the authentication storage means and the 
telecommunications system are routed via the transaction manager 

86. (Currently Amended) A data processing system Apparatus according to claim 52, 
wherein the transaction manager is implemented by the data processing apparatus. 

87. (Currently Amended) A data processing system Apparatus according to claim 52, 
wherein the transaction manager is operable to detect the operative coupling of the 
authentication storage means to the data processing means. 

88. (Currently Amended) A data processing system Apparatus according to claim 52, 
wherein the transaction manager is operable to transmit data relating to an 
authenticated transaction to the entity to which that transaction relates. 

89. -100. (Cancelled) 

1 01 . (Withdrawn) A device for coupling to data processing apparatus for enabling an 
authentication process involving the use of separate authenticating means, the device 
being configured to provide a plurality of separately activatable authentication 
information records for use in the authentication process, the authentication information 
records being registered with a system including the authenticating means, the device 
being responsive to an input message for deriving a response dependent on the input 
message and on the activated authentication information record for enabling the 
authenticating means to carry out the authentication process via a communication link 
with the authenticating means in the said system whereby to authenticate a transaction. 

102. (Withdrawn) The device of claim 101, including means for receiving a smart card 
or SIM which carries said plurality of authentication information record. 
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103. (Withdrawn) The device of claim 101, including means for receiving a plurality of 
smart cards or SIMs, each of which carries one of said plurality of authentication 
information records. 

104. (Withdrawn) The device of claim 101, including means for releasably coupling 
one or a plurality of smart cards or SIMs thereto, the authentication information records 
being stored on the smart card(s) or SIM(s). 

105. (Withdrawn) The device of claim 101, including means for receiving one or a 
plurality of smart cards or SIMs and for permanently coupling the smart card(s) or 
SIM(s) to the device. 

106. (Withdrawn) The device of claim 101, including a data store for storing said 
plurality of separately activatable authentication information records. 

107. (Withdrawn) The device of claim 101, wherein the plurality of authentication 
information records are selectively activated in response to a user input. 

108. (Withdrawn) The device of claim 107, wherein the user input is provided by 
activation of a switch. 

1 09. (Withdrawn) The device of claim 1 01 , wherein the plurality of authentication 
information records are selectively activated in response to a signal received from the 
data processing device. 

110. (Withdrawn) An authentication system for authenticating transactions of users 
registered with that system to enable a transaction with another system to be 
authenticated, the authentication system including authentication means for sending an 
authentication message in response to an authentication request from a subscriber and 
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for receiving and analysing a response thereto to determine if the received response 
corresponds to an expected response to authenticate the identity of the user; and 
security token generating means for generating a security token for use in performing a 
transaction with the other system. 

111. (Withdrawn) The system of claim 110, wherein the security token includes data 
indicative of the identity of the user. 

112. (Withdrawn) The system of claim 110, wherein the security token includes data 
indicative of the nature of the transaction. 

113. (Withdrawn) The system of claim 110, including means for receiving a returned 
security token and for analysing the returned security token to determine its integrity 
and for providing a service in response to receipt of the returned security token. 

114. (Withdrawn) The system of claim 113, wherein the service is the processing of a 
payment associated with the transaction. 

1 1 5. (Withdrawn) The system of claim 1 1 0, including a register for storing data relating 
to a user for use in performing transactions. 

116. (Withdrawn) The system of claim 115, including means for transmitting the user 
data in response to a request from the user. 

117. (Withdrawn) The system of claim 115, including means for transmitting the user 
data in response to receipt of a returned security token. 

118. (Withdrawn) The system of claim 115, including means for transmitting the user 
data in response to receipt of a returned security token, and wherein the register stores 
for each user separate data records for each of a plurality of other services with which 
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the user performs transactions, and wherein only user data for a particular service is 
provided in response to a request for user data. 

119. (Withdrawn) The system of claim 118, wherein the returned security token is 
analysed to determine to which service it relates, and in response thereto user data for 
that service is provided to that service. 

120. (Withdrawn) A system for storing user data for use in performing transactions with 
a plurality of service providers, wherein for each user a plurality of data records are 
stored for use when performing transactions with respective service providers, and 
wherein only a data record relevant to a particular service provider is made available in 
response to a request on behalf of that service provider. 

121. (Withdrawn) The system of claim 1 20, including means for authenticating a 
request for user data on behalf of a service provider. 

122. (Withdrawn) A data packet for use in authenticating and performing a transaction 
between a client and a product or service provider, the data packet including data 
indicative of the product or service provider identity such that the data packet is only 
useable to authenticate and perform a transaction with that product or service provider. 

123. (Withdrawn) The data packet of claim 122, wherein the data packet includes data 
indicative of the client identity such that the data packet is only useable to authenticate 
and perform a transaction with that client. 

124. (Withdrawn) An authentication system for authenticating transactions between a 
client and a product or service provider, including means for generating a data packet 
according to claim 122 and means for transmitting the data packet to the service 
provider. 
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125. (Withdrawn) A method of facilitating transactions between a plurality of users 
registered with an authentication system and plurality of product or service providers, 
the method including: 

providing each user with authentication storage means storing predetermined 
authentication information, each authentication storage means being couplable to data 
processing apparatus for data exchange therewith; 

generating in response to a request, made using data processing apparatus, 
from a user to a product or service provider a transaction request data packet including 
data indicative of the identity of the user and the identity of the product or service 
provider; 

transmitting the transaction request data packet to the authentication system via 
the data processing apparatus; 

analysing in the authentication system the transaction request data packet and 
extracting therefrom the identity of the user; 

transmitting from the authentication system an authentication request signal to 
the user's authentication storage means via the data processing apparatus; 

receiving via the data processing apparatus a response from the user's 
authentication storage means at the authentication system; 

analysing said response at the authentication system to determine whether said 
response corresponds to an expected response with reference to knowledge of said 
predetermined authentication information for that user; 

generating an authentication token and providing this to the product or service 
provider via the data processing apparatus, the authentication token indicating to the 
product and service provider that the user is authenticated by the authentication system. 

126. (Withdrawn) The method of claim 125, wherein the authentication token includes 
data indicative of the product or service provider that generated the transaction request 
data packet corresponding to the authentication token. 
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127. (Withdrawn) The method of claim 125, wherein the authentication token includes 
data indicative of the user. 

128. (Withdrawn) The method of claim 125, including receiving from the service 
provider at the authentication system a request for payment token, including the 
authentication token to which it relates, checking the validity of the authentication token 
prior to authorising a payment to the product or service provider from the user's account 
with the authentication system. 

129. (Withdrawn) A method for carrying out an authentication process for 
authenticating a subsequent transaction by any one of a plurality of users with an entity 
by means of data processing apparatus, in which: 

the entity generates transaction data relating to the transaction, and 
during the authentication process the data processing apparatus has operatively 
associated with it a selected one of a plurality of authentication storage means 
respective to the users, each authentication storage means storing predetermined 
authentication information and being registerable with a common telecommunications 
system for which the users have respective telecommunications terminals; 

the method including the step of carrying out the authentication process via a 
communications link with the common telecommunications system, the authentication 
process being carried out by authenticating means incorporated in the 
telecommunications system and involving the use of the predetermined authentication 
information stored by the selected one authentication storage means, the 
predetermined authentication information stored by each authentication storage means 
corresponding to information which is used to authenticate that user's 
telecommunications terminal in relation to the telecommunications system but the 
authentication process for authenticating the transaction by that user with the data 
processing apparatus not requiring use of that user's telecommunications terminal nor 
requiring the telecommunications terminal to be actually authenticated by that 
information in relation to the telecommunications system; 
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wherein in order to authenticate the transaction, the transaction data is 
transmitted between the data processing apparatus and the system via a transaction 
manager implemented by the data processing apparatus, and the predetermined 
authentication information is also transmitted between the authentication storage means 
and the system via the transaction manager. 
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